The patch for ITS8529 has been pushed to OpenLDAP master. Generally I'd
push something like this to RE24 as well, except for the fact that it
results in a behavior change vs prior releases (at least if OpenLDAP is
linked to OpenSSL).
On the plus side, the patch reveals potential misconfigurations that were
previously not noted.
On the minus side, it could affect someone's existing deployment.
(Although that deployment would clearly be in error).
I personally think it would be best to apply it to RE24, particularly given
that it has security implications. I know Michael Stroeder already noted
he would like to see it in RE24 as well.
Does anyone have some good concrete reasons why it should not go into RE24?
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: